Hardware #

There are a lot of hardware manufactures in this space. You should have a goal of clearly defining your objectives, such as:

• Linux natively on every platform
• Distribution choice on every platform
• at-least 4 NBASE-T bridge ports
• at-least 8 PoE bridge ports
• expandable access points

For most of the lab you will utilize “General Purpose Computing”, such as your workstation. You should be aware of specialized computing such as Application-specific Integrated Circuits. An common example of this is a Graphics Processing Unit. In networking bridging is an application where ASIC(s) are utilized. There is an exciting project called switchdev which aims to provide in kernel hardware offload of packer forwarding on bridge/switch ASIC(s) chips.

Historically the industry has had limited incentive to provide in kernel support for their devices at the “homelab” interface speed. The leaders in adoption appear to be the Mellanox Spectrum line, but this is 10G->400G interface speeds.

It’s worth taking a moment and looking at a this talk 28c3: The Coming War on General Computation.

Manufactures #

TODO

• Vendor Altruism, how much do they utilize and give back
• Vendor sustainability, how well do they lifecycle their products
• https://protectli.com/product-comparison/
• https://www.netgate.com/appliances
• https://mikrotik.com/products
• https://pcengines.ch/
• https://rockpi.org/
• https://up-board.org/
• https://fit-iot.com
• NUCs/BRIX

Bill of Materials #

Choice: Protectli & Mikrotik

For the edge of our networks we’ll be using the Protectli FW6D as it provides us with the ability to:

• have a discrete WAN and LAN
• have a bridge of other interfaces (opt1 through opt4) (switch on router)
• have multi-WAN if the environment allows for it.

For bridging we examine a handful of devices from Mikrotik:

• Mikrotik gives you a Linux-like experience at a low cost where native Linux on bridging devices is not consumer accessible (switchdev isn’t widespread yet).
• CRS312-4C+8XG-RM provides NBASE-T capabilities at a fairly low cost.
• CRS328-24P-4S+RM provides a lot of PoE at a fairly low cost.
• cAP XL ac is a powerful 802.11ac “Wave 1” and “Wave 2 capable” device that will work with Mikrotik’s CAPsMAN

These choices satisfy the original objectives in all ways except for the ability to make distribution choice on the Mikrotik hardware. For Mikrotik the bootloader and associated ASIC(s) are somewhat locked down. RouterOS, as of v7, is utilizing modern Linux. There are Mikrotik specific concepts that need to be understood, but the underlying Linux principles are exposed quite plainly compared to alternatives.

Notably the CRS328-24P-4S+RM is actually using a Marvell Prestera and has growing switchdev compatibility

To hit our original objectives we will order the following:

• QTY 1 x Protectli FW6D
• QTY 1 x Mikrotik CRS328-24P-4S+RM
• QTY N x cAP XL ac
• QTY N x S+RJ10
• QTY 2 x USB Rollover FTDI Cable (Moyina or Oikwan seem to be common)

More than one cAP XL ac can be ordered if there is a desire to push for wider physical coverage. The S+RJ10 allows us to have up to four NBASE-T ports on the switch.